@kya-os/mcp-i-core 1.3.10-canary.clientinfo.20251126124133 → 1.3.10
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.turbo/turbo-build.log +1 -1
- package/dist/__tests__/utils/mock-providers.d.ts +2 -1
- package/dist/__tests__/utils/mock-providers.d.ts.map +1 -1
- package/dist/__tests__/utils/mock-providers.js.map +1 -1
- package/dist/config/remote-config.d.ts +51 -0
- package/dist/config/remote-config.d.ts.map +1 -1
- package/dist/config/remote-config.js +74 -0
- package/dist/config/remote-config.js.map +1 -1
- package/dist/config.d.ts +1 -1
- package/dist/config.d.ts.map +1 -1
- package/dist/config.js +4 -1
- package/dist/config.js.map +1 -1
- package/dist/delegation/did-key-resolver.d.ts +64 -0
- package/dist/delegation/did-key-resolver.d.ts.map +1 -0
- package/dist/delegation/did-key-resolver.js +159 -0
- package/dist/delegation/did-key-resolver.js.map +1 -0
- package/dist/delegation/utils.d.ts +76 -0
- package/dist/delegation/utils.d.ts.map +1 -1
- package/dist/delegation/utils.js +117 -0
- package/dist/delegation/utils.js.map +1 -1
- package/dist/identity/user-did-manager.d.ts +95 -12
- package/dist/identity/user-did-manager.d.ts.map +1 -1
- package/dist/identity/user-did-manager.js +107 -25
- package/dist/identity/user-did-manager.js.map +1 -1
- package/dist/index.d.ts +5 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +23 -1
- package/dist/index.js.map +1 -1
- package/dist/runtime/base.d.ts +25 -8
- package/dist/runtime/base.d.ts.map +1 -1
- package/dist/runtime/base.js +74 -21
- package/dist/runtime/base.js.map +1 -1
- package/dist/services/session-registration.service.d.ts.map +1 -1
- package/dist/services/session-registration.service.js +10 -90
- package/dist/services/session-registration.service.js.map +1 -1
- package/dist/services/tool-protection.service.d.ts +5 -2
- package/dist/services/tool-protection.service.d.ts.map +1 -1
- package/dist/services/tool-protection.service.js +72 -24
- package/dist/services/tool-protection.service.js.map +1 -1
- package/dist/utils/base58.d.ts +31 -0
- package/dist/utils/base58.d.ts.map +1 -0
- package/dist/utils/base58.js +103 -0
- package/dist/utils/base58.js.map +1 -0
- package/package.json +3 -3
- package/src/__tests__/identity/user-did-manager.test.ts +64 -45
- package/src/__tests__/integration/full-flow.test.ts +23 -10
- package/src/__tests__/runtime/base-extensions.test.ts +23 -21
- package/src/__tests__/runtime/proof-client-did.test.ts +19 -18
- package/src/__tests__/services/agentshield-integration.test.ts +10 -3
- package/src/__tests__/services/tool-protection-merged-config.test.ts +485 -0
- package/src/__tests__/services/tool-protection.service.test.ts +18 -11
- package/src/config/__tests__/merged-config.spec.ts +445 -0
- package/src/config/remote-config.ts +90 -0
- package/src/config.ts +3 -0
- package/src/delegation/__tests__/did-key-resolver.test.ts +265 -0
- package/src/delegation/did-key-resolver.ts +179 -0
- package/src/delegation/utils.ts +179 -0
- package/src/identity/user-did-manager.ts +185 -29
- package/src/index.ts +36 -1
- package/src/runtime/base.ts +84 -21
- package/src/services/session-registration.service.ts +26 -121
- package/src/services/tool-protection.service.ts +125 -56
- package/src/utils/base58.ts +109 -0
- package/coverage/coverage-final.json +0 -57
package/dist/delegation/utils.js
CHANGED
|
@@ -7,6 +7,10 @@
|
|
|
7
7
|
*/
|
|
8
8
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
9
|
exports.canonicalizeJSON = canonicalizeJSON;
|
|
10
|
+
exports.createUnsignedVCJWT = createUnsignedVCJWT;
|
|
11
|
+
exports.completeVCJWT = completeVCJWT;
|
|
12
|
+
exports.parseVCJWT = parseVCJWT;
|
|
13
|
+
const base64_1 = require("../utils/base64");
|
|
10
14
|
/**
|
|
11
15
|
* JSON canonicalization (RFC 8785)
|
|
12
16
|
*
|
|
@@ -45,4 +49,117 @@ function canonicalizeJSON(obj) {
|
|
|
45
49
|
}
|
|
46
50
|
throw new Error(`Cannot canonicalize type: ${typeof obj}`);
|
|
47
51
|
}
|
|
52
|
+
/**
|
|
53
|
+
* Create unsigned JWT parts (header + payload) for a VC
|
|
54
|
+
*
|
|
55
|
+
* Prepares the VC for signing by extracting standard claims and
|
|
56
|
+
* encoding the header and payload as base64url strings.
|
|
57
|
+
*
|
|
58
|
+
* @param vc - The Verifiable Credential (without proof)
|
|
59
|
+
* @param options - Encoding options
|
|
60
|
+
* @returns Object with encoded parts and signing input
|
|
61
|
+
*/
|
|
62
|
+
function createUnsignedVCJWT(vc, options = {}) {
|
|
63
|
+
// Create JWT header
|
|
64
|
+
const header = {
|
|
65
|
+
alg: 'EdDSA',
|
|
66
|
+
typ: 'JWT',
|
|
67
|
+
};
|
|
68
|
+
if (options.keyId) {
|
|
69
|
+
header.kid = options.keyId;
|
|
70
|
+
}
|
|
71
|
+
// Extract standard claims from VC
|
|
72
|
+
const issuer = typeof vc.issuer === 'string' ? vc.issuer : vc.issuer?.id;
|
|
73
|
+
const subject = vc.credentialSubject?.id;
|
|
74
|
+
// Parse dates to Unix timestamps
|
|
75
|
+
let exp;
|
|
76
|
+
let iat;
|
|
77
|
+
if (vc.expirationDate && typeof vc.expirationDate === 'string') {
|
|
78
|
+
exp = Math.floor(new Date(vc.expirationDate).getTime() / 1000);
|
|
79
|
+
}
|
|
80
|
+
if (vc.issuanceDate && typeof vc.issuanceDate === 'string') {
|
|
81
|
+
iat = Math.floor(new Date(vc.issuanceDate).getTime() / 1000);
|
|
82
|
+
}
|
|
83
|
+
// Remove proof from VC for JWT payload (signature is in JWT itself)
|
|
84
|
+
const vcWithoutProof = { ...vc };
|
|
85
|
+
delete vcWithoutProof.proof;
|
|
86
|
+
// Build JWT payload
|
|
87
|
+
const payload = {
|
|
88
|
+
iss: issuer,
|
|
89
|
+
vc: vcWithoutProof,
|
|
90
|
+
};
|
|
91
|
+
if (subject)
|
|
92
|
+
payload.sub = subject;
|
|
93
|
+
if (exp)
|
|
94
|
+
payload.exp = exp;
|
|
95
|
+
if (iat)
|
|
96
|
+
payload.iat = iat;
|
|
97
|
+
if (vc.id && typeof vc.id === 'string')
|
|
98
|
+
payload.jti = vc.id;
|
|
99
|
+
// Encode header and payload
|
|
100
|
+
const encodedHeader = (0, base64_1.base64urlEncodeFromString)(JSON.stringify(header));
|
|
101
|
+
const encodedPayload = (0, base64_1.base64urlEncodeFromString)(JSON.stringify(payload));
|
|
102
|
+
const signingInput = `${encodedHeader}.${encodedPayload}`;
|
|
103
|
+
return {
|
|
104
|
+
header,
|
|
105
|
+
payload,
|
|
106
|
+
encodedHeader,
|
|
107
|
+
encodedPayload,
|
|
108
|
+
signingInput,
|
|
109
|
+
};
|
|
110
|
+
}
|
|
111
|
+
/**
|
|
112
|
+
* Complete a JWT with a signature
|
|
113
|
+
*
|
|
114
|
+
* Takes the signing input and a base64url-encoded signature to create the final JWT.
|
|
115
|
+
*
|
|
116
|
+
* @param signingInput - The header.payload string that was signed
|
|
117
|
+
* @param signature - Base64url-encoded signature
|
|
118
|
+
* @returns Complete JWT string (header.payload.signature)
|
|
119
|
+
*/
|
|
120
|
+
function completeVCJWT(signingInput, signature) {
|
|
121
|
+
return `${signingInput}.${signature}`;
|
|
122
|
+
}
|
|
123
|
+
/**
|
|
124
|
+
* Parse a VC-JWT and extract the VC
|
|
125
|
+
*
|
|
126
|
+
* Does NOT verify the signature - use with a verification function.
|
|
127
|
+
*
|
|
128
|
+
* @param jwt - The JWT string
|
|
129
|
+
* @returns Parsed JWT parts
|
|
130
|
+
*/
|
|
131
|
+
function parseVCJWT(jwt) {
|
|
132
|
+
const parts = jwt.split('.');
|
|
133
|
+
if (parts.length !== 3) {
|
|
134
|
+
return null;
|
|
135
|
+
}
|
|
136
|
+
try {
|
|
137
|
+
// Decode header and payload
|
|
138
|
+
const headerJson = base64urlDecodeToString(parts[0]);
|
|
139
|
+
const payloadJson = base64urlDecodeToString(parts[1]);
|
|
140
|
+
const header = JSON.parse(headerJson);
|
|
141
|
+
const payload = JSON.parse(payloadJson);
|
|
142
|
+
return {
|
|
143
|
+
header,
|
|
144
|
+
payload,
|
|
145
|
+
signature: parts[2],
|
|
146
|
+
signingInput: `${parts[0]}.${parts[1]}`,
|
|
147
|
+
};
|
|
148
|
+
}
|
|
149
|
+
catch {
|
|
150
|
+
return null;
|
|
151
|
+
}
|
|
152
|
+
}
|
|
153
|
+
/**
|
|
154
|
+
* Decode base64url string to string (internal helper)
|
|
155
|
+
*/
|
|
156
|
+
function base64urlDecodeToString(input) {
|
|
157
|
+
// Add padding if needed
|
|
158
|
+
const padded = input + '='.repeat((4 - input.length % 4) % 4);
|
|
159
|
+
const base64 = padded.replace(/-/g, '+').replace(/_/g, '/');
|
|
160
|
+
if (typeof atob !== 'undefined') {
|
|
161
|
+
return atob(base64);
|
|
162
|
+
}
|
|
163
|
+
return Buffer.from(base64, 'base64').toString('utf-8');
|
|
164
|
+
}
|
|
48
165
|
//# sourceMappingURL=utils.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../src/delegation/utils.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;
|
|
1
|
+
{"version":3,"file":"utils.js","sourceRoot":"","sources":["../../src/delegation/utils.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;AAeH,4CAuBC;AAkDD,kDA6DC;AAWD,sCAEC;AAUD,gCA4BC;AAtMD,4CAA4D;AAE5D;;;;;;;;;;GAUG;AACH,SAAgB,gBAAgB,CAAC,GAAQ;IACvC,IAAI,GAAG,KAAK,IAAI;QAAE,OAAO,MAAM,CAAC;IAChC,IAAI,OAAO,GAAG,KAAK,SAAS;QAAE,OAAO,GAAG,CAAC,QAAQ,EAAE,CAAC;IACpD,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5B,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CAAC,uCAAuC,CAAC,CAAC;QAC3D,CAAC;QACD,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IAC7B,CAAC;IACD,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;IACxD,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACvB,MAAM,QAAQ,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC;QAC3D,OAAO,GAAG,GAAG,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;IACxC,CAAC;IACD,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5B,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;QACrC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;YAC7B,MAAM,KAAK,GAAG,gBAAgB,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;YACzC,OAAO,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,GAAG,GAAG,KAAK,CAAC;QAC3C,CAAC,CAAC,CAAC;QACH,OAAO,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC;IACrC,CAAC;IACD,MAAM,IAAI,KAAK,CAAC,6BAA6B,OAAO,GAAG,EAAE,CAAC,CAAC;AAC7D,CAAC;AAwCD;;;;;;;;;GASG;AACH,SAAgB,mBAAmB,CACjC,EAA2B,EAC3B,UAAgC,EAAE;IAQlC,oBAAoB;IACpB,MAAM,MAAM,GAAgB;QAC1B,GAAG,EAAE,OAAO;QACZ,GAAG,EAAE,KAAK;KACX,CAAC;IACF,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QAClB,MAAM,CAAC,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC;IAC7B,CAAC;IAED,kCAAkC;IAClC,MAAM,MAAM,GAAG,OAAO,EAAE,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAE,EAAE,CAAC,MAAkC,EAAE,EAAY,CAAC;IAChH,MAAM,OAAO,GAAI,EAAE,CAAC,iBAA6C,EAAE,EAAwB,CAAC;IAE5F,iCAAiC;IACjC,IAAI,GAAuB,CAAC;IAC5B,IAAI,GAAuB,CAAC;IAE5B,IAAI,EAAE,CAAC,cAAc,IAAI,OAAO,EAAE,CAAC,cAAc,KAAK,QAAQ,EAAE,CAAC;QAC/D,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC,EAAE,CAAC,cAAc,CAAC,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;IACjE,CAAC;IACD,IAAI,EAAE,CAAC,YAAY,IAAI,OAAO,EAAE,CAAC,YAAY,KAAK,QAAQ,EAAE,CAAC;QAC3D,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC,EAAE,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC;IAC/D,CAAC;IAED,oEAAoE;IACpE,MAAM,cAAc,GAAG,EAAE,GAAG,EAAE,EAAE,CAAC;IACjC,OAAO,cAAc,CAAC,KAAK,CAAC;IAE5B,oBAAoB;IACpB,MAAM,OAAO,GAAiB;QAC5B,GAAG,EAAE,MAAM;QACX,EAAE,EAAE,cAAc;KACnB,CAAC;IAEF,IAAI,OAAO;QAAE,OAAO,CAAC,GAAG,GAAG,OAAO,CAAC;IACnC,IAAI,GAAG;QAAE,OAAO,CAAC,GAAG,GAAG,GAAG,CAAC;IAC3B,IAAI,GAAG;QAAE,OAAO,CAAC,GAAG,GAAG,GAAG,CAAC;IAC3B,IAAI,EAAE,CAAC,EAAE,IAAI,OAAO,EAAE,CAAC,EAAE,KAAK,QAAQ;QAAE,OAAO,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,CAAC;IAE5D,4BAA4B;IAC5B,MAAM,aAAa,GAAG,IAAA,kCAAyB,EAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;IACxE,MAAM,cAAc,GAAG,IAAA,kCAAyB,EAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC;IAC1E,MAAM,YAAY,GAAG,GAAG,aAAa,IAAI,cAAc,EAAE,CAAC;IAE1D,OAAO;QACL,MAAM;QACN,OAAO;QACP,aAAa;QACb,cAAc;QACd,YAAY;KACb,CAAC;AACJ,CAAC;AAED;;;;;;;;GAQG;AACH,SAAgB,aAAa,CAAC,YAAoB,EAAE,SAAiB;IACnE,OAAO,GAAG,YAAY,IAAI,SAAS,EAAE,CAAC;AACxC,CAAC;AAED;;;;;;;GAOG;AACH,SAAgB,UAAU,CAAC,GAAW;IAMpC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC7B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC;QACH,4BAA4B;QAC5B,MAAM,UAAU,GAAG,uBAAuB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QACrD,MAAM,WAAW,GAAG,uBAAuB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QAEtD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAgB,CAAC;QACrD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAiB,CAAC;QAExD,OAAO;YACL,MAAM;YACN,OAAO;YACP,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC;YACnB,YAAY,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,EAAE;SACxC,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,uBAAuB,CAAC,KAAa;IAC5C,wBAAwB;IACxB,MAAM,MAAM,GAAG,KAAK,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAC9D,MAAM,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;IAE5D,IAAI,OAAO,IAAI,KAAK,WAAW,EAAE,CAAC;QAChC,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC;IACtB,CAAC;IAED,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;AACzD,CAAC"}
|
|
@@ -1,11 +1,17 @@
|
|
|
1
1
|
/**
|
|
2
2
|
* User DID Manager
|
|
3
3
|
*
|
|
4
|
-
*
|
|
5
|
-
* Generates did:key DIDs for users when they join a chat session.
|
|
4
|
+
* Manages user DIDs for MCP-I sessions.
|
|
6
5
|
*
|
|
7
|
-
*
|
|
8
|
-
*
|
|
6
|
+
* Phase 5: Anonymous Sessions Until OAuth
|
|
7
|
+
* - Sessions start anonymous (no userDid) until OAuth completes
|
|
8
|
+
* - User DIDs are resolved via AgentShield identity/resolve after OAuth
|
|
9
|
+
* - Eliminates DID fragmentation (same user = same DID across sessions)
|
|
10
|
+
*
|
|
11
|
+
* DID Resolution Priority:
|
|
12
|
+
* 1. OAuth mapping lookup (persistent)
|
|
13
|
+
* 2. Session storage lookup
|
|
14
|
+
* 3. Return null (session stays anonymous)
|
|
9
15
|
*/
|
|
10
16
|
import { CryptoProvider } from '../providers/base';
|
|
11
17
|
/**
|
|
@@ -29,6 +35,31 @@ export interface OAuthIdentity {
|
|
|
29
35
|
*/
|
|
30
36
|
name?: string;
|
|
31
37
|
}
|
|
38
|
+
/**
|
|
39
|
+
* User key pair for signing VCs
|
|
40
|
+
*
|
|
41
|
+
* Contains both public and private keys in base64 format.
|
|
42
|
+
* SECURITY: Private keys should be encrypted at rest.
|
|
43
|
+
*/
|
|
44
|
+
export interface UserKeyPair {
|
|
45
|
+
/**
|
|
46
|
+
* User DID (did:key format)
|
|
47
|
+
*/
|
|
48
|
+
did: string;
|
|
49
|
+
/**
|
|
50
|
+
* Public key in base64 format
|
|
51
|
+
*/
|
|
52
|
+
publicKey: string;
|
|
53
|
+
/**
|
|
54
|
+
* Private key in base64 format
|
|
55
|
+
* SECURITY: Should be encrypted at rest in production
|
|
56
|
+
*/
|
|
57
|
+
privateKey: string;
|
|
58
|
+
/**
|
|
59
|
+
* Key ID (for JWS header)
|
|
60
|
+
*/
|
|
61
|
+
keyId: string;
|
|
62
|
+
}
|
|
32
63
|
/**
|
|
33
64
|
* User DID storage interface
|
|
34
65
|
*/
|
|
@@ -55,6 +86,26 @@ export interface UserDidStorage {
|
|
|
55
86
|
* If not implemented, OAuth-based storage will be skipped
|
|
56
87
|
*/
|
|
57
88
|
setByOAuth?(provider: string, subject: string, did: string, ttl?: number): Promise<void>;
|
|
89
|
+
/**
|
|
90
|
+
* Get user key pair for a session (optional - for VC signing)
|
|
91
|
+
* If not implemented, VC issuance will not be available for this session
|
|
92
|
+
*/
|
|
93
|
+
getKeyPair?(sessionId: string): Promise<UserKeyPair | null>;
|
|
94
|
+
/**
|
|
95
|
+
* Store user key pair for a session (optional - for VC signing)
|
|
96
|
+
* SECURITY: Implementation should encrypt private keys at rest
|
|
97
|
+
*/
|
|
98
|
+
setKeyPair?(sessionId: string, keyPair: UserKeyPair, ttl?: number): Promise<void>;
|
|
99
|
+
/**
|
|
100
|
+
* Get user key pair by OAuth identity (optional - for persistent key storage)
|
|
101
|
+
* If not implemented, OAuth-based key lookup will be skipped
|
|
102
|
+
*/
|
|
103
|
+
getKeyPairByOAuth?(provider: string, subject: string): Promise<UserKeyPair | null>;
|
|
104
|
+
/**
|
|
105
|
+
* Store user key pair for OAuth identity (optional - for persistent key storage)
|
|
106
|
+
* SECURITY: Implementation should encrypt private keys at rest
|
|
107
|
+
*/
|
|
108
|
+
setKeyPairByOAuth?(provider: string, subject: string, keyPair: UserKeyPair, ttl?: number): Promise<void>;
|
|
58
109
|
}
|
|
59
110
|
/**
|
|
60
111
|
* User DID Manager configuration
|
|
@@ -87,24 +138,47 @@ export interface UserDidManagerConfig {
|
|
|
87
138
|
export declare class UserDidManager {
|
|
88
139
|
private config;
|
|
89
140
|
private sessionDidCache;
|
|
141
|
+
private sessionKeyPairCache;
|
|
90
142
|
constructor(config: UserDidManagerConfig);
|
|
91
143
|
/**
|
|
92
|
-
*
|
|
144
|
+
* Get key pair for a session (for VC signing)
|
|
145
|
+
*
|
|
146
|
+
* Returns the key pair if available, null otherwise.
|
|
147
|
+
* Key pairs are stored when DIDs are generated.
|
|
148
|
+
*
|
|
149
|
+
* @param sessionId - MCP session ID
|
|
150
|
+
* @param oauthIdentity - Optional OAuth identity for persistent lookup
|
|
151
|
+
* @returns UserKeyPair or null if not available
|
|
152
|
+
*/
|
|
153
|
+
getKeyPairForSession(sessionId: string, oauthIdentity?: OAuthIdentity | null): Promise<UserKeyPair | null>;
|
|
154
|
+
/**
|
|
155
|
+
* Get user DID for a session (Phase 5: No ephemeral generation)
|
|
93
156
|
*
|
|
94
157
|
* If a user DID already exists for the session, it is returned.
|
|
95
|
-
* If OAuth identity is provided, checks for persistent user DID mapping
|
|
96
|
-
*
|
|
158
|
+
* If OAuth identity is provided, checks for persistent user DID mapping.
|
|
159
|
+
* Returns null if no DID found - session stays anonymous until OAuth completes.
|
|
97
160
|
*
|
|
98
161
|
* @param sessionId - MCP session ID
|
|
99
162
|
* @param oauthIdentity - Optional OAuth identity for persistent user DID lookup
|
|
100
|
-
* @returns User DID (did:key format)
|
|
163
|
+
* @returns User DID (did:key format) or null if session is anonymous
|
|
101
164
|
*
|
|
102
165
|
* @remarks
|
|
103
|
-
* -
|
|
104
|
-
* -
|
|
105
|
-
* -
|
|
166
|
+
* - Phase 5: Sessions start anonymous, no ephemeral DID generation
|
|
167
|
+
* - User DIDs are resolved via AgentShield after OAuth completes
|
|
168
|
+
* - Returns null if no existing DID found (instead of generating ephemeral)
|
|
106
169
|
*/
|
|
107
|
-
getOrCreateUserDid(sessionId: string, oauthIdentity?: OAuthIdentity | null): Promise<string>;
|
|
170
|
+
getOrCreateUserDid(sessionId: string, oauthIdentity?: OAuthIdentity | null): Promise<string | null>;
|
|
171
|
+
/**
|
|
172
|
+
* Set user DID for a session (Phase 5: After OAuth resolution)
|
|
173
|
+
*
|
|
174
|
+
* Called after AgentShield identity/resolve returns a persistent user DID.
|
|
175
|
+
* Caches the DID and optionally stores in session storage.
|
|
176
|
+
*
|
|
177
|
+
* @param sessionId - MCP session ID
|
|
178
|
+
* @param userDid - Persistent user DID from AgentShield
|
|
179
|
+
* @param oauthIdentity - OAuth identity for creating persistent mappings
|
|
180
|
+
*/
|
|
181
|
+
setUserDidForSession(sessionId: string, userDid: string, oauthIdentity?: OAuthIdentity | null): Promise<void>;
|
|
108
182
|
/**
|
|
109
183
|
* Generate a new ephemeral user DID
|
|
110
184
|
*
|
|
@@ -112,6 +186,15 @@ export declare class UserDidManager {
|
|
|
112
186
|
* did:web can be used if configured, but requires additional setup.
|
|
113
187
|
*/
|
|
114
188
|
private generateUserDid;
|
|
189
|
+
/**
|
|
190
|
+
* Generate a new ephemeral user DID with full key pair
|
|
191
|
+
*
|
|
192
|
+
* Returns the DID along with the key pair for VC signing.
|
|
193
|
+
* Uses did:key format by default.
|
|
194
|
+
*
|
|
195
|
+
* @returns UserKeyPair containing DID, public key, private key, and key ID
|
|
196
|
+
*/
|
|
197
|
+
private generateUserDidWithKeyPair;
|
|
115
198
|
/**
|
|
116
199
|
* Generate did:key from Ed25519 public key bytes
|
|
117
200
|
* Following spec: https://w3c-ccg.github.io/did-method-key/
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"user-did-manager.d.ts","sourceRoot":"","sources":["../../src/identity/user-did-manager.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"user-did-manager.d.ts","sourceRoot":"","sources":["../../src/identity/user-did-manager.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAEnD;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B;;OAEG;IACH,QAAQ,EAAE,MAAM,CAAC;IAEjB;;OAEG;IACH,OAAO,EAAE,MAAM,CAAC;IAEhB;;OAEG;IACH,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf;;OAEG;IACH,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED;;;;;GAKG;AACH,MAAM,WAAW,WAAW;IAC1B;;OAEG;IACH,GAAG,EAAE,MAAM,CAAC;IAEZ;;OAEG;IACH,SAAS,EAAE,MAAM,CAAC;IAElB;;;OAGG;IACH,UAAU,EAAE,MAAM,CAAC;IAEnB;;OAEG;IACH,KAAK,EAAE,MAAM,CAAC;CACf;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B;;OAEG;IACH,GAAG,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAE/C;;OAEG;IACH,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEjE;;OAEG;IACH,MAAM,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEzC;;;OAGG;IACH,UAAU,CAAC,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC;IAEvE;;;OAGG;IACH,UAAU,CAAC,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAEzF;;;OAGG;IACH,UAAU,CAAC,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC,CAAC;IAE5D;;;OAGG;IACH,UAAU,CAAC,CAAC,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAElF;;;OAGG;IACH,iBAAiB,CAAC,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC,CAAC;IAEnF;;;OAGG;IACH,iBAAiB,CAAC,CAChB,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,WAAW,EACpB,GAAG,CAAC,EAAE,MAAM,GACX,OAAO,CAAC,IAAI,CAAC,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC;;;OAGG;IACH,OAAO,CAAC,EAAE,cAAc,CAAC;IAEzB;;OAEG;IACH,MAAM,EAAE,cAAc,CAAC;IAEvB;;OAEG;IACH,SAAS,CAAC,EAAE,OAAO,CAAC;IAEpB;;OAEG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED;;;;;GAKG;AACH,qBAAa,cAAc;IACzB,OAAO,CAAC,MAAM,CAAuB;IACrC,OAAO,CAAC,eAAe,CAA6B;IACpD,OAAO,CAAC,mBAAmB,CAAkC;gBAEjD,MAAM,EAAE,oBAAoB;IAIxC;;;;;;;;;OASG;IACG,oBAAoB,CACxB,SAAS,EAAE,MAAM,EACjB,aAAa,CAAC,EAAE,aAAa,GAAG,IAAI,GACnC,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;IA0C9B;;;;;;;;;;;;;;;OAeG;IACG,kBAAkB,CAAC,SAAS,EAAE,MAAM,EAAE,aAAa,CAAC,EAAE,aAAa,GAAG,IAAI,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IA0EzG;;;;;;;;;OASG;IACG,oBAAoB,CACxB,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,EACf,aAAa,CAAC,EAAE,aAAa,GAAG,IAAI,GACnC,OAAO,CAAC,IAAI,CAAC;IAgChB;;;;;OAKG;YACW,eAAe;IAK7B;;;;;;;OAOG;YACW,0BAA0B;IA4BxC;;;;;OAKG;IACH,OAAO,CAAC,2BAA2B;IAiBnC;;;OAGG;IACH,OAAO,CAAC,YAAY;IAwBpB;;OAEG;IACH,OAAO,CAAC,aAAa;IAerB;;OAEG;IACG,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;IAkB3D;;OAEG;IACG,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;IAapD;;OAEG;IACH,UAAU,IAAI,IAAI;CAGnB"}
|
|
@@ -2,11 +2,17 @@
|
|
|
2
2
|
/**
|
|
3
3
|
* User DID Manager
|
|
4
4
|
*
|
|
5
|
-
*
|
|
6
|
-
* Generates did:key DIDs for users when they join a chat session.
|
|
5
|
+
* Manages user DIDs for MCP-I sessions.
|
|
7
6
|
*
|
|
8
|
-
*
|
|
9
|
-
*
|
|
7
|
+
* Phase 5: Anonymous Sessions Until OAuth
|
|
8
|
+
* - Sessions start anonymous (no userDid) until OAuth completes
|
|
9
|
+
* - User DIDs are resolved via AgentShield identity/resolve after OAuth
|
|
10
|
+
* - Eliminates DID fragmentation (same user = same DID across sessions)
|
|
11
|
+
*
|
|
12
|
+
* DID Resolution Priority:
|
|
13
|
+
* 1. OAuth mapping lookup (persistent)
|
|
14
|
+
* 2. Session storage lookup
|
|
15
|
+
* 3. Return null (session stays anonymous)
|
|
10
16
|
*/
|
|
11
17
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
18
|
exports.UserDidManager = void 0;
|
|
@@ -19,24 +25,70 @@ exports.UserDidManager = void 0;
|
|
|
19
25
|
class UserDidManager {
|
|
20
26
|
config;
|
|
21
27
|
sessionDidCache = new Map();
|
|
28
|
+
sessionKeyPairCache = new Map();
|
|
22
29
|
constructor(config) {
|
|
23
30
|
this.config = config;
|
|
24
31
|
}
|
|
25
32
|
/**
|
|
26
|
-
*
|
|
33
|
+
* Get key pair for a session (for VC signing)
|
|
34
|
+
*
|
|
35
|
+
* Returns the key pair if available, null otherwise.
|
|
36
|
+
* Key pairs are stored when DIDs are generated.
|
|
37
|
+
*
|
|
38
|
+
* @param sessionId - MCP session ID
|
|
39
|
+
* @param oauthIdentity - Optional OAuth identity for persistent lookup
|
|
40
|
+
* @returns UserKeyPair or null if not available
|
|
41
|
+
*/
|
|
42
|
+
async getKeyPairForSession(sessionId, oauthIdentity) {
|
|
43
|
+
// Check in-memory cache first
|
|
44
|
+
if (this.sessionKeyPairCache.has(sessionId)) {
|
|
45
|
+
return this.sessionKeyPairCache.get(sessionId);
|
|
46
|
+
}
|
|
47
|
+
// Check OAuth-based persistent storage if available
|
|
48
|
+
if (oauthIdentity?.provider &&
|
|
49
|
+
oauthIdentity?.subject &&
|
|
50
|
+
this.config.storage?.getKeyPairByOAuth) {
|
|
51
|
+
try {
|
|
52
|
+
const keyPair = await this.config.storage.getKeyPairByOAuth(oauthIdentity.provider, oauthIdentity.subject);
|
|
53
|
+
if (keyPair) {
|
|
54
|
+
this.sessionKeyPairCache.set(sessionId, keyPair);
|
|
55
|
+
return keyPair;
|
|
56
|
+
}
|
|
57
|
+
}
|
|
58
|
+
catch (error) {
|
|
59
|
+
console.warn('[UserDidManager] OAuth key pair lookup failed:', error);
|
|
60
|
+
}
|
|
61
|
+
}
|
|
62
|
+
// Check session storage if available
|
|
63
|
+
if (this.config.storage?.getKeyPair) {
|
|
64
|
+
try {
|
|
65
|
+
const keyPair = await this.config.storage.getKeyPair(sessionId);
|
|
66
|
+
if (keyPair) {
|
|
67
|
+
this.sessionKeyPairCache.set(sessionId, keyPair);
|
|
68
|
+
return keyPair;
|
|
69
|
+
}
|
|
70
|
+
}
|
|
71
|
+
catch (error) {
|
|
72
|
+
console.warn('[UserDidManager] Session key pair lookup failed:', error);
|
|
73
|
+
}
|
|
74
|
+
}
|
|
75
|
+
return null;
|
|
76
|
+
}
|
|
77
|
+
/**
|
|
78
|
+
* Get user DID for a session (Phase 5: No ephemeral generation)
|
|
27
79
|
*
|
|
28
80
|
* If a user DID already exists for the session, it is returned.
|
|
29
|
-
* If OAuth identity is provided, checks for persistent user DID mapping
|
|
30
|
-
*
|
|
81
|
+
* If OAuth identity is provided, checks for persistent user DID mapping.
|
|
82
|
+
* Returns null if no DID found - session stays anonymous until OAuth completes.
|
|
31
83
|
*
|
|
32
84
|
* @param sessionId - MCP session ID
|
|
33
85
|
* @param oauthIdentity - Optional OAuth identity for persistent user DID lookup
|
|
34
|
-
* @returns User DID (did:key format)
|
|
86
|
+
* @returns User DID (did:key format) or null if session is anonymous
|
|
35
87
|
*
|
|
36
88
|
* @remarks
|
|
37
|
-
* -
|
|
38
|
-
* -
|
|
39
|
-
* -
|
|
89
|
+
* - Phase 5: Sessions start anonymous, no ephemeral DID generation
|
|
90
|
+
* - User DIDs are resolved via AgentShield after OAuth completes
|
|
91
|
+
* - Returns null if no existing DID found (instead of generating ephemeral)
|
|
40
92
|
*/
|
|
41
93
|
async getOrCreateUserDid(sessionId, oauthIdentity) {
|
|
42
94
|
// Check cache first
|
|
@@ -97,40 +149,50 @@ class UserDidManager {
|
|
|
97
149
|
}
|
|
98
150
|
}
|
|
99
151
|
catch (error) {
|
|
100
|
-
// Log but continue - will
|
|
101
|
-
console.warn('[UserDidManager] Storage.get failed
|
|
152
|
+
// Log but continue - session will be anonymous
|
|
153
|
+
console.warn('[UserDidManager] Storage.get failed:', error);
|
|
102
154
|
}
|
|
103
155
|
}
|
|
104
|
-
//
|
|
105
|
-
|
|
106
|
-
|
|
156
|
+
// PHASE 5: No ephemeral DID generation - session stays anonymous
|
|
157
|
+
// User DID will be resolved via AgentShield after OAuth completes
|
|
158
|
+
return null;
|
|
159
|
+
}
|
|
160
|
+
/**
|
|
161
|
+
* Set user DID for a session (Phase 5: After OAuth resolution)
|
|
162
|
+
*
|
|
163
|
+
* Called after AgentShield identity/resolve returns a persistent user DID.
|
|
164
|
+
* Caches the DID and optionally stores in session storage.
|
|
165
|
+
*
|
|
166
|
+
* @param sessionId - MCP session ID
|
|
167
|
+
* @param userDid - Persistent user DID from AgentShield
|
|
168
|
+
* @param oauthIdentity - OAuth identity for creating persistent mappings
|
|
169
|
+
*/
|
|
170
|
+
async setUserDidForSession(sessionId, userDid, oauthIdentity) {
|
|
171
|
+
// Cache in memory
|
|
107
172
|
this.sessionDidCache.set(sessionId, userDid);
|
|
108
|
-
// Store
|
|
173
|
+
// Store in session storage if available
|
|
109
174
|
if (this.config.storage) {
|
|
110
175
|
try {
|
|
111
176
|
await this.config.storage.set(sessionId, userDid, 1800); // 30 minutes TTL
|
|
112
177
|
}
|
|
113
178
|
catch (error) {
|
|
114
|
-
|
|
115
|
-
console.warn('[UserDidManager] Storage.set failed, continuing with cached DID:', error);
|
|
179
|
+
console.warn('[UserDidManager] Failed to store user DID in session storage:', error);
|
|
116
180
|
}
|
|
117
181
|
}
|
|
118
|
-
//
|
|
119
|
-
if (oauthIdentity
|
|
182
|
+
// Create OAuth mapping if provided
|
|
183
|
+
if (oauthIdentity?.provider && oauthIdentity?.subject && this.config.storage?.setByOAuth) {
|
|
120
184
|
try {
|
|
121
185
|
await this.config.storage.setByOAuth(oauthIdentity.provider, oauthIdentity.subject, userDid, 90 * 24 * 60 * 60 // 90 days TTL for persistent mapping
|
|
122
186
|
);
|
|
123
|
-
console.log('[UserDidManager] Created
|
|
187
|
+
console.log('[UserDidManager] Created OAuth → DID mapping:', {
|
|
124
188
|
provider: oauthIdentity.provider,
|
|
125
189
|
userDid: userDid.substring(0, 20) + '...',
|
|
126
190
|
});
|
|
127
191
|
}
|
|
128
192
|
catch (error) {
|
|
129
|
-
// Log but continue - mapping creation failed, but DID is still valid
|
|
130
193
|
console.warn('[UserDidManager] Failed to create OAuth mapping:', error);
|
|
131
194
|
}
|
|
132
195
|
}
|
|
133
|
-
return userDid;
|
|
134
196
|
}
|
|
135
197
|
/**
|
|
136
198
|
* Generate a new ephemeral user DID
|
|
@@ -139,6 +201,18 @@ class UserDidManager {
|
|
|
139
201
|
* did:web can be used if configured, but requires additional setup.
|
|
140
202
|
*/
|
|
141
203
|
async generateUserDid() {
|
|
204
|
+
const keyPairData = await this.generateUserDidWithKeyPair();
|
|
205
|
+
return keyPairData.did;
|
|
206
|
+
}
|
|
207
|
+
/**
|
|
208
|
+
* Generate a new ephemeral user DID with full key pair
|
|
209
|
+
*
|
|
210
|
+
* Returns the DID along with the key pair for VC signing.
|
|
211
|
+
* Uses did:key format by default.
|
|
212
|
+
*
|
|
213
|
+
* @returns UserKeyPair containing DID, public key, private key, and key ID
|
|
214
|
+
*/
|
|
215
|
+
async generateUserDidWithKeyPair() {
|
|
142
216
|
if (this.config.useDidWeb && this.config.didWebBaseUrl) {
|
|
143
217
|
// Generate did:web (requires web server setup)
|
|
144
218
|
// For now, fall back to did:key
|
|
@@ -150,7 +224,15 @@ class UserDidManager {
|
|
|
150
224
|
// Extract public key bytes (32 bytes for Ed25519)
|
|
151
225
|
const publicKeyBytes = this.base64ToBytes(keyPair.publicKey);
|
|
152
226
|
// Generate did:key from public key
|
|
153
|
-
|
|
227
|
+
const did = this.generateDidKeyFromPublicKey(publicKeyBytes);
|
|
228
|
+
// Key ID is the DID with #keys-1 fragment (standard for did:key)
|
|
229
|
+
const keyId = `${did}#keys-1`;
|
|
230
|
+
return {
|
|
231
|
+
did,
|
|
232
|
+
publicKey: keyPair.publicKey,
|
|
233
|
+
privateKey: keyPair.privateKey,
|
|
234
|
+
keyId,
|
|
235
|
+
};
|
|
154
236
|
}
|
|
155
237
|
/**
|
|
156
238
|
* Generate did:key from Ed25519 public key bytes
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"user-did-manager.js","sourceRoot":"","sources":["../../src/identity/user-did-manager.ts"],"names":[],"mappings":";AAAA
|
|
1
|
+
{"version":3,"file":"user-did-manager.js","sourceRoot":"","sources":["../../src/identity/user-did-manager.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;AAiJH;;;;;GAKG;AACH,MAAa,cAAc;IACjB,MAAM,CAAuB;IAC7B,eAAe,GAAG,IAAI,GAAG,EAAkB,CAAC;IAC5C,mBAAmB,GAAG,IAAI,GAAG,EAAuB,CAAC;IAE7D,YAAY,MAA4B;QACtC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,oBAAoB,CACxB,SAAiB,EACjB,aAAoC;QAEpC,8BAA8B;QAC9B,IAAI,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;YAC5C,OAAO,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,SAAS,CAAE,CAAC;QAClD,CAAC;QAED,oDAAoD;QACpD,IACE,aAAa,EAAE,QAAQ;YACvB,aAAa,EAAE,OAAO;YACtB,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,iBAAiB,EACtC,CAAC;YACD,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,iBAAiB,CACzD,aAAa,CAAC,QAAQ,EACtB,aAAa,CAAC,OAAO,CACtB,CAAC;gBACF,IAAI,OAAO,EAAE,CAAC;oBACZ,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;oBACjD,OAAO,OAAO,CAAC;gBACjB,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,IAAI,CAAC,gDAAgD,EAAE,KAAK,CAAC,CAAC;YACxE,CAAC;QACH,CAAC;QAED,qCAAqC;QACrC,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,UAAU,EAAE,CAAC;YACpC,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC;gBAChE,IAAI,OAAO,EAAE,CAAC;oBACZ,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;oBACjD,OAAO,OAAO,CAAC;gBACjB,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,IAAI,CAAC,kDAAkD,EAAE,KAAK,CAAC,CAAC;YAC1E,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;;;;;;;;;;OAeG;IACH,KAAK,CAAC,kBAAkB,CAAC,SAAiB,EAAE,aAAoC;QAC9E,oBAAoB;QACpB,IAAI,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;YACxC,OAAO,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,CAAE,CAAC;QAC9C,CAAC;QAED,gFAAgF;QAChF,IAAI,aAAa,IAAI,aAAa,CAAC,QAAQ,IAAI,aAAa,CAAC,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,UAAU,EAAE,CAAC;YACxG,IAAI,CAAC;gBACH,MAAM,iBAAiB,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAC5D,aAAa,CAAC,QAAQ,EACtB,aAAa,CAAC,OAAO,CACtB,CAAC;gBACF,IAAI,iBAAiB,EAAE,CAAC;oBACtB,OAAO,CAAC,GAAG,CAAC,gEAAgE,EAAE;wBAC5E,QAAQ,EAAE,aAAa,CAAC,QAAQ;wBAChC,OAAO,EAAE,iBAAiB,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;qBACpD,CAAC,CAAC;oBACH,4BAA4B;oBAC5B,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC;oBACvD,0DAA0D;oBAC1D,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;wBACxB,IAAI,CAAC;4BACH,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,iBAAiB,EAAE,IAAI,CAAC,CAAC,CAAC,iBAAiB;wBACtF,CAAC;wBAAC,OAAO,KAAK,EAAE,CAAC;4BACf,wDAAwD;4BACxD,OAAO,CAAC,IAAI,CAAC,qEAAqE,EAAE,KAAK,CAAC,CAAC;wBAC7F,CAAC;oBACH,CAAC;oBACD,OAAO,iBAAiB,CAAC;gBAC3B,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,oEAAoE;gBACpE,OAAO,CAAC,IAAI,CAAC,wEAAwE,EAAE,KAAK,CAAC,CAAC;YAChG,CAAC;QACH,CAAC;QAED,iDAAiD;QACjD,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACxB,IAAI,CAAC;gBACH,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;gBAC3D,IAAI,SAAS,EAAE,CAAC;oBACd,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;oBAC/C,6EAA6E;oBAC7E,IAAI,aAAa,IAAI,aAAa,CAAC,QAAQ,IAAI,aAAa,CAAC,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC;wBACvG,IAAI,CAAC;4BACH,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAClC,aAAa,CAAC,QAAQ,EACtB,aAAa,CAAC,OAAO,EACrB,SAAS,EACT,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,qCAAqC;6BACxD,CAAC;4BACF,OAAO,CAAC,GAAG,CAAC,0EAA0E,EAAE;gCACtF,QAAQ,EAAE,aAAa,CAAC,QAAQ;gCAChC,OAAO,EAAE,SAAS,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;6BAC5C,CAAC,CAAC;wBACL,CAAC;wBAAC,OAAO,KAAK,EAAE,CAAC;4BACf,qEAAqE;4BACrE,OAAO,CAAC,IAAI,CAAC,kDAAkD,EAAE,KAAK,CAAC,CAAC;wBAC1E,CAAC;oBACH,CAAC;oBACD,OAAO,SAAS,CAAC;gBACnB,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,+CAA+C;gBAC/C,OAAO,CAAC,IAAI,CAAC,sCAAsC,EAAE,KAAK,CAAC,CAAC;YAC9D,CAAC;QACH,CAAC;QAED,iEAAiE;QACjE,kEAAkE;QAClE,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;;;;;;;;OASG;IACH,KAAK,CAAC,oBAAoB,CACxB,SAAiB,EACjB,OAAe,EACf,aAAoC;QAEpC,kBAAkB;QAClB,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QAE7C,wCAAwC;QACxC,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACxB,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC,CAAC,iBAAiB;YAC5E,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,IAAI,CAAC,+DAA+D,EAAE,KAAK,CAAC,CAAC;YACvF,CAAC;QACH,CAAC;QAED,mCAAmC;QACnC,IAAI,aAAa,EAAE,QAAQ,IAAI,aAAa,EAAE,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,UAAU,EAAE,CAAC;YACzF,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,UAAU,CAClC,aAAa,CAAC,QAAQ,EACtB,aAAa,CAAC,OAAO,EACrB,OAAO,EACP,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,qCAAqC;iBACxD,CAAC;gBACF,OAAO,CAAC,GAAG,CAAC,+CAA+C,EAAE;oBAC3D,QAAQ,EAAE,aAAa,CAAC,QAAQ;oBAChC,OAAO,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;iBAC1C,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,IAAI,CAAC,kDAAkD,EAAE,KAAK,CAAC,CAAC;YAC1E,CAAC;QACH,CAAC;IACH,CAAC;IAED;;;;;OAKG;IACK,KAAK,CAAC,eAAe;QAC3B,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,0BAA0B,EAAE,CAAC;QAC5D,OAAO,WAAW,CAAC,GAAG,CAAC;IACzB,CAAC;IAED;;;;;;;OAOG;IACK,KAAK,CAAC,0BAA0B;QACtC,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,IAAI,CAAC,MAAM,CAAC,aAAa,EAAE,CAAC;YACvD,+CAA+C;YAC/C,gCAAgC;YAChC,+CAA+C;YAC/C,OAAO,CAAC,IAAI,CAAC,6DAA6D,CAAC,CAAC;QAC9E,CAAC;QAED,wCAAwC;QACxC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC;QAE3D,kDAAkD;QAClD,MAAM,cAAc,GAAG,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QAE7D,mCAAmC;QACnC,MAAM,GAAG,GAAG,IAAI,CAAC,2BAA2B,CAAC,cAAc,CAAC,CAAC;QAE7D,iEAAiE;QACjE,MAAM,KAAK,GAAG,GAAG,GAAG,SAAS,CAAC;QAE9B,OAAO;YACL,GAAG;YACH,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,KAAK;SACN,CAAC;IACJ,CAAC;IAED;;;;;OAKG;IACK,2BAA2B,CAAC,cAA0B;QAC5D,wCAAwC;QACxC,MAAM,gBAAgB,GAAG,IAAI,UAAU,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC;QAEtD,8BAA8B;QAC9B,MAAM,aAAa,GAAG,IAAI,UAAU,CAAC,gBAAgB,CAAC,MAAM,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC;QACtF,aAAa,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;QACpC,aAAa,CAAC,GAAG,CAAC,cAAc,EAAE,gBAAgB,CAAC,MAAM,CAAC,CAAC;QAE3D,gDAAgD;QAChD,sDAAsD;QACtD,MAAM,aAAa,GAAG,IAAI,CAAC,YAAY,CAAC,aAAa,CAAC,CAAC;QAEvD,0CAA0C;QAC1C,OAAO,YAAY,aAAa,EAAE,CAAC;IACrC,CAAC;IAED;;;OAGG;IACK,YAAY,CAAC,KAAiB;QACpC,MAAM,QAAQ,GAAG,4DAA4D,CAAC;QAC9E,IAAI,GAAG,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QAEpB,+BAA+B;QAC/B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,GAAG,GAAG,GAAG,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QAC7C,CAAC;QAED,oBAAoB;QACpB,IAAI,MAAM,GAAG,EAAE,CAAC;QAChB,OAAO,GAAG,GAAG,CAAC,EAAE,CAAC;YACf,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,GAAG,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC;YACrD,GAAG,GAAG,GAAG,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;QACzB,CAAC;QAED,oBAAoB;QACpB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YACxD,MAAM,GAAG,GAAG,GAAG,MAAM,CAAC;QACxB,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACK,aAAa,CAAC,MAAc;QAClC,IAAI,OAAO,MAAM,KAAK,WAAW,EAAE,CAAC;YAClC,sBAAsB;YACtB,OAAO,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC;QACvD,CAAC;aAAM,CAAC;YACN,8BAA8B;YAC9B,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;YAClC,MAAM,KAAK,GAAG,IAAI,UAAU,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;YAClD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,YAAY,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC7C,KAAK,CAAC,CAAC,CAAC,GAAG,YAAY,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;YACxC,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,UAAU,CAAC,SAAiB;QAChC,cAAc;QACd,IAAI,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;YACxC,OAAO,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,CAAE,CAAC;QAC9C,CAAC;QAED,gBAAgB;QAChB,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACxB,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YAC3D,IAAI,SAAS,EAAE,CAAC;gBACd,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;gBAC/C,OAAO,SAAS,CAAC;YACnB,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,YAAY,CAAC,SAAiB;QAClC,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAEvC,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACxB,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;YAC9C,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,8CAA8C;gBAC9C,OAAO,CAAC,IAAI,CAAC,qDAAqD,EAAE,KAAK,CAAC,CAAC;YAC7E,CAAC;QACH,CAAC;IACH,CAAC;IAED;;OAEG;IACH,UAAU;QACR,IAAI,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC;IAC/B,CAAC;CACF;AAvWD,wCAuWC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -51,15 +51,18 @@ export { DelegationGraphManager, createDelegationGraph, type DelegationNode, typ
|
|
|
51
51
|
export { CascadingRevocationManager, createCascadingRevocationManager, type RevocationEvent, type RevocationHook, type CascadingRevocationOptions, } from "./delegation/cascading-revocation";
|
|
52
52
|
export { MemoryStatusListStorage } from "./delegation/storage/memory-statuslist-storage";
|
|
53
53
|
export { MemoryDelegationGraphStorage } from "./delegation/storage/memory-graph-storage";
|
|
54
|
+
export { createDidKeyResolver, isEd25519DidKey, extractPublicKeyFromDidKey, publicKeyToJwk, resolveDidKeySync, } from "./delegation/did-key-resolver";
|
|
55
|
+
export { base58Encode, base58Decode, isValidBase58, } from "./utils/base58";
|
|
54
56
|
export { SchemaVerifier, createSchemaVerifier, type SchemaMetadata, type FieldComplianceResult, type SchemaComplianceReport, type FullComplianceReport, } from "./compliance/schema-verifier";
|
|
55
57
|
export { SCHEMA_REGISTRY, getAllSchemas, getSchemasByCategory, getSchemaById, getCriticalSchemas, getSchemaStats, } from "./compliance/schema-registry";
|
|
56
|
-
export { canonicalizeJSON } from "./delegation/utils";
|
|
58
|
+
export { canonicalizeJSON, createUnsignedVCJWT, completeVCJWT, parseVCJWT, type VCJWTHeader, type VCJWTPayload, type EncodeVCAsJWTOptions, } from "./delegation/utils";
|
|
59
|
+
export { base64urlEncodeFromBytes, base64urlEncodeFromString, base64urlDecodeToBytes, base64urlDecodeToString, bytesToBase64, } from "./utils/base64";
|
|
57
60
|
import type { HandshakeRequest, SessionContext, NonceCache, NonceCacheEntry, NonceCacheConfig, ProofMeta, DetachedProof, CanonicalHashes, AuditRecord } from "@kya-os/contracts";
|
|
58
61
|
export type { HandshakeRequest, SessionContext, NonceCache, NonceCacheEntry, NonceCacheConfig, ProofMeta, DetachedProof, CanonicalHashes, AuditRecord, };
|
|
59
62
|
export * from "./config";
|
|
60
63
|
export { fetchRemoteConfig, type RemoteConfigCache, type RemoteConfigOptions, } from "./config/remote-config";
|
|
61
64
|
export { UserDidManager } from "./identity/user-did-manager";
|
|
62
|
-
export type { UserDidStorage, UserDidManagerConfig, } from "./identity/user-did-manager";
|
|
65
|
+
export type { UserDidStorage, UserDidManagerConfig, UserKeyPair, OAuthIdentity, } from "./identity/user-did-manager";
|
|
63
66
|
export { IdpTokenResolver } from "./identity/idp-token-resolver";
|
|
64
67
|
export type { IdpTokenResolverConfig } from "./identity/idp-token-resolver";
|
|
65
68
|
export type { IIdpTokenStorage } from "./identity/idp-token-storage.interface";
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EACL,cAAc,EACd,aAAa,EACb,aAAa,EACb,eAAe,EACf,kBAAkB,EAClB,gBAAgB,EAChB,KAAK,aAAa,GACnB,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EACL,qBAAqB,EACrB,wBAAwB,EACxB,sBAAsB,GACvB,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACjD,YAAY,EAAE,wBAAwB,EAAE,MAAM,gBAAgB,CAAC;AAG/D,YAAY,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AAG3D,cAAc,SAAS,CAAC;AAExB,OAAO,EAAE,qBAAqB,EAAE,MAAM,oCAAoC,CAAC;AAG3E,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAE1D,YAAY,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AAGvE,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAE1D,YAAY,EACV,uBAAuB,EACvB,mBAAmB,GACpB,MAAM,2BAA2B,CAAC;AAGnC,OAAO,EAAE,uBAAuB,EAAE,MAAM,mCAAmC,CAAC;AAE5E,YAAY,EACV,6BAA6B,EAC7B,8BAA8B,GAC/B,MAAM,mCAAmC,CAAC;AAG3C,OAAO,EACL,0BAA0B,EAC1B,gCAAgC,GACjC,MAAM,yCAAyC,CAAC;AAEjD,YAAY,EACV,gCAAgC,EAChC,yBAAyB,GAC1B,MAAM,yCAAyC,CAAC;AAGjD,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AAErE,YAAY,EAAE,wBAAwB,EAAE,MAAM,iCAAiC,CAAC;AAGhF,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAExD,YAAY,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAC;AAGnE,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AAErE,YAAY,EAAE,wBAAwB,EAAE,MAAM,iCAAiC,CAAC;AAGhF,OAAO,EAAE,qBAAqB,EAAE,MAAM,oCAAoC,CAAC;AAG3E,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAGhE,OAAO,EAAE,iBAAiB,EAAE,uBAAuB,EAAE,MAAM,+BAA+B,CAAC;AAG3F,OAAO,EAAE,0BAA0B,EAAE,MAAM,0CAA0C,CAAC;AACtF,YAAY,EAAE,gCAAgC,EAAE,MAAM,0CAA0C,CAAC;AAGjG,OAAO,EAAE,sBAAsB,EAAE,MAAM,qCAAqC,CAAC;AAC7E,YAAY,EAAE,SAAS,EAAE,MAAM,qCAAqC,CAAC;AAGrE,OAAO,EACL,wBAAwB,EACxB,oBAAoB,GACrB,MAAM,4BAA4B,CAAC;AAEpC,YAAY,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC;AAGnE,OAAO,EACL,sBAAsB,EACtB,iBAAiB,EACjB,iBAAiB,GAClB,MAAM,4BAA4B,CAAC;AAEpC,YAAY,EACV,oBAAoB,EACpB,gBAAgB,GACjB,MAAM,4BAA4B,CAAC;AAGpC,OAAO,EACL,sBAAsB,EACtB,8BAA8B,EAC9B,4BAA4B,GAC7B,MAAM,mBAAmB,CAAC;AAE3B,YAAY,EAAE,0BAA0B,EAAE,MAAM,mBAAmB,CAAC;AAEpE,OAAO,EACL,mBAAmB,EACnB,2BAA2B,EAC3B,uBAAuB,GACxB,MAAM,+BAA+B,CAAC;AAEvC,YAAY,EACV,cAAc,EACd,oBAAoB,EACpB,2BAA2B,GAC5B,MAAM,yBAAyB,CAAC;AAEjC,OAAO,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC;AAClE,OAAO,EAAE,kBAAkB,EAAE,MAAM,8BAA8B,CAAC;AAClE,YAAY,EAAE,yBAAyB,EAAE,MAAM,8BAA8B,CAAC;AAG9E,OAAO,EACL,0BAA0B,EAC1B,sBAAsB,EACtB,KAAK,sBAAsB,EAC3B,KAAK,iBAAiB,EACtB,KAAK,gBAAgB,IAAI,0BAA0B,GACpD,MAAM,wBAAwB,CAAC;AAEhC,OAAO,EACL,4BAA4B,EAC5B,wBAAwB,EACxB,KAAK,8BAA8B,EACnC,KAAK,yBAAyB,EAC9B,KAAK,WAAW,EAChB,KAAK,WAAW,EAChB,KAAK,kBAAkB,EACvB,KAAK,kBAAkB,EACvB,KAAK,6BAA6B,GACnC,MAAM,0BAA0B,CAAC;AAGlC,OAAO,EACL,qBAAqB,EACrB,uBAAuB,EACvB,KAAK,yBAAyB,EAC9B,KAAK,0BAA0B,GAChC,MAAM,iCAAiC,CAAC;AAEzC,OAAO,EACL,gBAAgB,EAChB,UAAU,EACV,KAAK,mBAAmB,EACxB,KAAK,qBAAqB,GAC3B,MAAM,wBAAwB,CAAC;AAGhC,OAAO,EACL,sBAAsB,EACtB,qBAAqB,EACrB,KAAK,cAAc,EACnB,KAAK,8BAA8B,GACpC,MAAM,+BAA+B,CAAC;AAEvC,OAAO,EACL,0BAA0B,EAC1B,gCAAgC,EAChC,KAAK,eAAe,EACpB,KAAK,cAAc,EACnB,KAAK,0BAA0B,GAChC,MAAM,mCAAmC,CAAC;AAG3C,OAAO,EAAE,uBAAuB,EAAE,MAAM,gDAAgD,CAAC;AAEzF,OAAO,EAAE,4BAA4B,EAAE,MAAM,2CAA2C,CAAC;AAGzF,OAAO,EACL,cAAc,EACd,oBAAoB,EACpB,KAAK,cAAc,EACnB,KAAK,qBAAqB,EAC1B,KAAK,sBAAsB,EAC3B,KAAK,oBAAoB,GAC1B,MAAM,8BAA8B,CAAC;AAEtC,OAAO,EACL,eAAe,EACf,aAAa,EACb,oBAAoB,EACpB,aAAa,EACb,kBAAkB,EAClB,cAAc,GACf,MAAM,8BAA8B,CAAC;AAEtC,OAAO,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EACL,cAAc,EACd,aAAa,EACb,aAAa,EACb,eAAe,EACf,kBAAkB,EAClB,gBAAgB,EAChB,KAAK,aAAa,GACnB,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EACL,qBAAqB,EACrB,wBAAwB,EACxB,sBAAsB,GACvB,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACjD,YAAY,EAAE,wBAAwB,EAAE,MAAM,gBAAgB,CAAC;AAG/D,YAAY,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AAG3D,cAAc,SAAS,CAAC;AAExB,OAAO,EAAE,qBAAqB,EAAE,MAAM,oCAAoC,CAAC;AAG3E,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAE1D,YAAY,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,2BAA2B,CAAC;AAGvE,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAE1D,YAAY,EACV,uBAAuB,EACvB,mBAAmB,GACpB,MAAM,2BAA2B,CAAC;AAGnC,OAAO,EAAE,uBAAuB,EAAE,MAAM,mCAAmC,CAAC;AAE5E,YAAY,EACV,6BAA6B,EAC7B,8BAA8B,GAC/B,MAAM,mCAAmC,CAAC;AAG3C,OAAO,EACL,0BAA0B,EAC1B,gCAAgC,GACjC,MAAM,yCAAyC,CAAC;AAEjD,YAAY,EACV,gCAAgC,EAChC,yBAAyB,GAC1B,MAAM,yCAAyC,CAAC;AAGjD,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AAErE,YAAY,EAAE,wBAAwB,EAAE,MAAM,iCAAiC,CAAC;AAGhF,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAExD,YAAY,EAAE,kBAAkB,EAAE,MAAM,0BAA0B,CAAC;AAGnE,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AAErE,YAAY,EAAE,wBAAwB,EAAE,MAAM,iCAAiC,CAAC;AAGhF,OAAO,EAAE,qBAAqB,EAAE,MAAM,oCAAoC,CAAC;AAG3E,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAGhE,OAAO,EAAE,iBAAiB,EAAE,uBAAuB,EAAE,MAAM,+BAA+B,CAAC;AAG3F,OAAO,EAAE,0BAA0B,EAAE,MAAM,0CAA0C,CAAC;AACtF,YAAY,EAAE,gCAAgC,EAAE,MAAM,0CAA0C,CAAC;AAGjG,OAAO,EAAE,sBAAsB,EAAE,MAAM,qCAAqC,CAAC;AAC7E,YAAY,EAAE,SAAS,EAAE,MAAM,qCAAqC,CAAC;AAGrE,OAAO,EACL,wBAAwB,EACxB,oBAAoB,GACrB,MAAM,4BAA4B,CAAC;AAEpC,YAAY,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC;AAGnE,OAAO,EACL,sBAAsB,EACtB,iBAAiB,EACjB,iBAAiB,GAClB,MAAM,4BAA4B,CAAC;AAEpC,YAAY,EACV,oBAAoB,EACpB,gBAAgB,GACjB,MAAM,4BAA4B,CAAC;AAGpC,OAAO,EACL,sBAAsB,EACtB,8BAA8B,EAC9B,4BAA4B,GAC7B,MAAM,mBAAmB,CAAC;AAE3B,YAAY,EAAE,0BAA0B,EAAE,MAAM,mBAAmB,CAAC;AAEpE,OAAO,EACL,mBAAmB,EACnB,2BAA2B,EAC3B,uBAAuB,GACxB,MAAM,+BAA+B,CAAC;AAEvC,YAAY,EACV,cAAc,EACd,oBAAoB,EACpB,2BAA2B,GAC5B,MAAM,yBAAyB,CAAC;AAEjC,OAAO,EAAE,uBAAuB,EAAE,MAAM,yBAAyB,CAAC;AAClE,OAAO,EAAE,kBAAkB,EAAE,MAAM,8BAA8B,CAAC;AAClE,YAAY,EAAE,yBAAyB,EAAE,MAAM,8BAA8B,CAAC;AAG9E,OAAO,EACL,0BAA0B,EAC1B,sBAAsB,EACtB,KAAK,sBAAsB,EAC3B,KAAK,iBAAiB,EACtB,KAAK,gBAAgB,IAAI,0BAA0B,GACpD,MAAM,wBAAwB,CAAC;AAEhC,OAAO,EACL,4BAA4B,EAC5B,wBAAwB,EACxB,KAAK,8BAA8B,EACnC,KAAK,yBAAyB,EAC9B,KAAK,WAAW,EAChB,KAAK,WAAW,EAChB,KAAK,kBAAkB,EACvB,KAAK,kBAAkB,EACvB,KAAK,6BAA6B,GACnC,MAAM,0BAA0B,CAAC;AAGlC,OAAO,EACL,qBAAqB,EACrB,uBAAuB,EACvB,KAAK,yBAAyB,EAC9B,KAAK,0BAA0B,GAChC,MAAM,iCAAiC,CAAC;AAEzC,OAAO,EACL,gBAAgB,EAChB,UAAU,EACV,KAAK,mBAAmB,EACxB,KAAK,qBAAqB,GAC3B,MAAM,wBAAwB,CAAC;AAGhC,OAAO,EACL,sBAAsB,EACtB,qBAAqB,EACrB,KAAK,cAAc,EACnB,KAAK,8BAA8B,GACpC,MAAM,+BAA+B,CAAC;AAEvC,OAAO,EACL,0BAA0B,EAC1B,gCAAgC,EAChC,KAAK,eAAe,EACpB,KAAK,cAAc,EACnB,KAAK,0BAA0B,GAChC,MAAM,mCAAmC,CAAC;AAG3C,OAAO,EAAE,uBAAuB,EAAE,MAAM,gDAAgD,CAAC;AAEzF,OAAO,EAAE,4BAA4B,EAAE,MAAM,2CAA2C,CAAC;AAGzF,OAAO,EACL,oBAAoB,EACpB,eAAe,EACf,0BAA0B,EAC1B,cAAc,EACd,iBAAiB,GAClB,MAAM,+BAA+B,CAAC;AAGvC,OAAO,EACL,YAAY,EACZ,YAAY,EACZ,aAAa,GACd,MAAM,gBAAgB,CAAC;AAGxB,OAAO,EACL,cAAc,EACd,oBAAoB,EACpB,KAAK,cAAc,EACnB,KAAK,qBAAqB,EAC1B,KAAK,sBAAsB,EAC3B,KAAK,oBAAoB,GAC1B,MAAM,8BAA8B,CAAC;AAEtC,OAAO,EACL,eAAe,EACf,aAAa,EACb,oBAAoB,EACpB,aAAa,EACb,kBAAkB,EAClB,cAAc,GACf,MAAM,8BAA8B,CAAC;AAEtC,OAAO,EACL,gBAAgB,EAChB,mBAAmB,EACnB,aAAa,EACb,UAAU,EACV,KAAK,WAAW,EAChB,KAAK,YAAY,EACjB,KAAK,oBAAoB,GAC1B,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EACL,wBAAwB,EACxB,yBAAyB,EACzB,sBAAsB,EACtB,uBAAuB,EACvB,aAAa,GACd,MAAM,gBAAgB,CAAC;AAIxB,OAAO,KAAK,EACV,gBAAgB,EAChB,cAAc,EACd,UAAU,EACV,eAAe,EACf,gBAAgB,EAChB,SAAS,EACT,aAAa,EACb,eAAe,EACf,WAAW,EACZ,MAAM,mBAAmB,CAAC;AAE3B,YAAY,EACV,gBAAgB,EAChB,cAAc,EACd,UAAU,EACV,eAAe,EACf,gBAAgB,EAChB,SAAS,EACT,aAAa,EACb,eAAe,EACf,WAAW,GACZ,CAAC;AAGF,cAAc,UAAU,CAAC;AAGzB,OAAO,EACL,iBAAiB,EACjB,KAAK,iBAAiB,EACtB,KAAK,mBAAmB,GACzB,MAAM,wBAAwB,CAAC;AAGhC,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAC7D,YAAY,EACV,cAAc,EACd,oBAAoB,EACpB,WAAW,EACX,aAAa,GACd,MAAM,6BAA6B,CAAC;AAGrC,OAAO,EAAE,gBAAgB,EAAE,MAAM,+BAA+B,CAAC;AACjE,YAAY,EAAE,sBAAsB,EAAE,MAAM,+BAA+B,CAAC;AAC5E,YAAY,EAAE,gBAAgB,EAAE,MAAM,wCAAwC,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -21,7 +21,7 @@ var __exportStar = (this && this.__exportStar) || function(m, exports) {
|
|
|
21
21
|
};
|
|
22
22
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
23
23
|
exports.MemoryStatusListStorage = exports.createCascadingRevocationManager = exports.CascadingRevocationManager = exports.createDelegationGraph = exports.DelegationGraphManager = exports.isIndexSet = exports.BitstringManager = exports.createStatusListManager = exports.StatusList2021Manager = exports.createDelegationVerifier = exports.DelegationCredentialVerifier = exports.createDelegationIssuer = exports.DelegationCredentialIssuer = exports.OAuthRequiredError = exports.DelegationRequiredError = exports.NoOpToolProtectionCache = exports.InMemoryToolProtectionCache = exports.createProofVerificationError = exports.PROOF_VERIFICATION_ERROR_CODES = exports.ProofVerificationError = exports.migrateLegacyKeys = exports.StorageKeyHelpers = exports.createStorageProviders = exports.NoOpOAuthConfigCache = exports.InMemoryOAuthConfigCache = exports.BatchDelegationService = exports.OAuthTokenRetrievalService = exports.ProviderValidationError = exports.ProviderValidator = exports.ProviderResolver = exports.OAuthProviderRegistry = exports.ToolContextBuilder = exports.OAuthService = exports.OAuthConfigService = exports.createSessionRegistrationService = exports.SessionRegistrationService = exports.AccessControlApiService = exports.ProofVerifier = exports.CryptoService = exports.ToolProtectionService = exports.MCPIRuntimeBase = exports.MemoryIdentityProvider = exports.MemoryNonceCacheProvider = exports.MemoryStorageProvider = exports.IdentityProvider = exports.NonceCacheProvider = exports.StorageProvider = exports.FetchProvider = exports.ClockProvider = exports.CryptoProvider = void 0;
|
|
24
|
-
exports.IdpTokenResolver = exports.UserDidManager = exports.fetchRemoteConfig = exports.canonicalizeJSON = exports.getSchemaStats = exports.getCriticalSchemas = exports.getSchemaById = exports.getSchemasByCategory = exports.getAllSchemas = exports.SCHEMA_REGISTRY = exports.createSchemaVerifier = exports.SchemaVerifier = exports.MemoryDelegationGraphStorage = void 0;
|
|
24
|
+
exports.IdpTokenResolver = exports.UserDidManager = exports.fetchRemoteConfig = exports.bytesToBase64 = exports.base64urlDecodeToString = exports.base64urlDecodeToBytes = exports.base64urlEncodeFromString = exports.base64urlEncodeFromBytes = exports.parseVCJWT = exports.completeVCJWT = exports.createUnsignedVCJWT = exports.canonicalizeJSON = exports.getSchemaStats = exports.getCriticalSchemas = exports.getSchemaById = exports.getSchemasByCategory = exports.getAllSchemas = exports.SCHEMA_REGISTRY = exports.createSchemaVerifier = exports.SchemaVerifier = exports.isValidBase58 = exports.base58Decode = exports.base58Encode = exports.resolveDidKeySync = exports.publicKeyToJwk = exports.extractPublicKeyFromDidKey = exports.isEd25519DidKey = exports.createDidKeyResolver = exports.MemoryDelegationGraphStorage = void 0;
|
|
25
25
|
// Base providers
|
|
26
26
|
var base_1 = require("./providers/base");
|
|
27
27
|
Object.defineProperty(exports, "CryptoProvider", { enumerable: true, get: function () { return base_1.CryptoProvider; } });
|
|
@@ -128,6 +128,18 @@ var memory_statuslist_storage_1 = require("./delegation/storage/memory-statuslis
|
|
|
128
128
|
Object.defineProperty(exports, "MemoryStatusListStorage", { enumerable: true, get: function () { return memory_statuslist_storage_1.MemoryStatusListStorage; } });
|
|
129
129
|
var memory_graph_storage_1 = require("./delegation/storage/memory-graph-storage");
|
|
130
130
|
Object.defineProperty(exports, "MemoryDelegationGraphStorage", { enumerable: true, get: function () { return memory_graph_storage_1.MemoryDelegationGraphStorage; } });
|
|
131
|
+
// DID:key Resolver (Phase 3 VC Verification)
|
|
132
|
+
var did_key_resolver_1 = require("./delegation/did-key-resolver");
|
|
133
|
+
Object.defineProperty(exports, "createDidKeyResolver", { enumerable: true, get: function () { return did_key_resolver_1.createDidKeyResolver; } });
|
|
134
|
+
Object.defineProperty(exports, "isEd25519DidKey", { enumerable: true, get: function () { return did_key_resolver_1.isEd25519DidKey; } });
|
|
135
|
+
Object.defineProperty(exports, "extractPublicKeyFromDidKey", { enumerable: true, get: function () { return did_key_resolver_1.extractPublicKeyFromDidKey; } });
|
|
136
|
+
Object.defineProperty(exports, "publicKeyToJwk", { enumerable: true, get: function () { return did_key_resolver_1.publicKeyToJwk; } });
|
|
137
|
+
Object.defineProperty(exports, "resolveDidKeySync", { enumerable: true, get: function () { return did_key_resolver_1.resolveDidKeySync; } });
|
|
138
|
+
// Base58 Utilities (for did:key encoding/decoding)
|
|
139
|
+
var base58_1 = require("./utils/base58");
|
|
140
|
+
Object.defineProperty(exports, "base58Encode", { enumerable: true, get: function () { return base58_1.base58Encode; } });
|
|
141
|
+
Object.defineProperty(exports, "base58Decode", { enumerable: true, get: function () { return base58_1.base58Decode; } });
|
|
142
|
+
Object.defineProperty(exports, "isValidBase58", { enumerable: true, get: function () { return base58_1.isValidBase58; } });
|
|
131
143
|
// Compliance Verification (with JSON Schema draft-07 support)
|
|
132
144
|
var schema_verifier_1 = require("./compliance/schema-verifier");
|
|
133
145
|
Object.defineProperty(exports, "SchemaVerifier", { enumerable: true, get: function () { return schema_verifier_1.SchemaVerifier; } });
|
|
@@ -141,6 +153,16 @@ Object.defineProperty(exports, "getCriticalSchemas", { enumerable: true, get: fu
|
|
|
141
153
|
Object.defineProperty(exports, "getSchemaStats", { enumerable: true, get: function () { return schema_registry_1.getSchemaStats; } });
|
|
142
154
|
var utils_1 = require("./delegation/utils");
|
|
143
155
|
Object.defineProperty(exports, "canonicalizeJSON", { enumerable: true, get: function () { return utils_1.canonicalizeJSON; } });
|
|
156
|
+
Object.defineProperty(exports, "createUnsignedVCJWT", { enumerable: true, get: function () { return utils_1.createUnsignedVCJWT; } });
|
|
157
|
+
Object.defineProperty(exports, "completeVCJWT", { enumerable: true, get: function () { return utils_1.completeVCJWT; } });
|
|
158
|
+
Object.defineProperty(exports, "parseVCJWT", { enumerable: true, get: function () { return utils_1.parseVCJWT; } });
|
|
159
|
+
// Base64 utilities for VC JWT encoding
|
|
160
|
+
var base64_1 = require("./utils/base64");
|
|
161
|
+
Object.defineProperty(exports, "base64urlEncodeFromBytes", { enumerable: true, get: function () { return base64_1.base64urlEncodeFromBytes; } });
|
|
162
|
+
Object.defineProperty(exports, "base64urlEncodeFromString", { enumerable: true, get: function () { return base64_1.base64urlEncodeFromString; } });
|
|
163
|
+
Object.defineProperty(exports, "base64urlDecodeToBytes", { enumerable: true, get: function () { return base64_1.base64urlDecodeToBytes; } });
|
|
164
|
+
Object.defineProperty(exports, "base64urlDecodeToString", { enumerable: true, get: function () { return base64_1.base64urlDecodeToString; } });
|
|
165
|
+
Object.defineProperty(exports, "bytesToBase64", { enumerable: true, get: function () { return base64_1.bytesToBase64; } });
|
|
144
166
|
// Configuration types and utilities
|
|
145
167
|
__exportStar(require("./config"), exports);
|
|
146
168
|
// Remote configuration fetching
|